office-gobmx/package
Michael Stahl 3b347664b2 tdf#105844 package,sfx2: wholesome ODF package wrapping encryption
Redo the ODF encryption by storing an ODF package and wrapping it as a
stream "encrypted-package" in another ODF package, such that there is
only one encrypted stream - this requires only one KDF computation.

* This is only enabled in Experimental mode for now.

* Avoid storing unencrypted data in the pTempFile of SfxMedium, as it
  is usually created in the same directory as the target file, which
  may be on a network share or similar less trusted location.

* SfxMedium::SetEncryptionDataToStorage_Impl() should just set an
  error status if it fails (how can it fail anyway)

* when loading a document, SfxDocPasswordVerifier extracts an encrypted
  inner package (by calling SfxMedium::TryEncryptedInnerPackage())

* SfxMedium::GetStorage() automatically decrypts an encrypted inner
  storage and sets it as the SfxMedium's xStorage

* when storing a document, SfxObjectShell::SaveTo_Impl() creates
  the wrapped storages

* One challenge is to keep the macro/scripting signature working; this
  can only be put in the inner storage, whereas the document signature
  should continue to be on the outer storage; also it must use a Zip
  storage, to see the "META-INF" directory.  This needs a new
  SfxMedium::GetScriptingStorageToSign_Impl() and changes in
  SfxMedium::SignContents_Impl().

Change-Id: Ibfee36ce3a9cd030f2aa2ce1484b6d001cba2389
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160401
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
2023-12-07 09:28:38 +01:00
..
dtd
inc
qa
source tdf#105844 package,sfx2: wholesome ODF package wrapping encryption 2023-12-07 09:28:38 +01:00
util
CppunitTest_package2_test.mk
IwyuFilter_package.yaml
Library_package2.mk
Library_xstor.mk
Makefile
Module_package.mk
Package_dtd.mk
README.md

ZIP Support

Reading and writing ZIP files.